In this episode, Edwin Shuttleworth from Finite State discusses firmware security, insights from the GRRCON Security Conference, and the challenges of firmware analysis. The conversation covers various topics, including firmware scraping techniques, the IoT landscape, types of firmware, the importance of Software Bill of Materials (SBOMs), and emulation in firmware ... Read More

The post GovWare 2024 appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise ... Read More

NIS2, which stands for Network and Information Systems 2, and DORA, the Digital Operational Resiliency Act are two separate but interrelated pieces of legislation affecting organizations that do business in the EU. These two standards share many of the same high-level goals in that they both establish a consistent set ... Read More

Join Eclypsium Product Manager, Joe Hopp, for an overview of new product updates and a preview of the features and solutions on the Eclypsium Supply Chain Security Platform roadmap. The post Eclypsium Product Roadmap appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise ... Read More

The Criminal Justice Information Services (CJIS) is a division of the US Federal Bureau of Investigation (FBI) that is the centralized source of criminal justice information (CJI) for state, local, and federal law enforcement and criminal justice agencies and authorized third parties. To ensure the protection of CJI, which provides ... Read More

IIn the current era where many network appliances are built on Linux operating systems, strong and robust firmware security is a must. Historically, network devices struggled to implement everything securely. As a result, there is a big push to use both memory-safe languages, as well as achieve process isolation similar ... Read More

Stewart and Trey join us to talk about driving cybersecurity policies for the nation, what makes a good policy, what makes a bad policy, supply chain research and policies, and overall how we shape policies that benefit cybersecurity. Show Notes The post BTS #36 - Supply Chain Policies - Stewart ... Read More

Eight-year-old domain hijacking technique still claiming victims The post MSN: Russia takes aim at Sitting Ducks domains, bags 30,000+ appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise ... Read More

Eight-year-old domain hijacking technique still claiming victims The post The Register: Russia takes aim at Sitting Ducks domains, bags 30,000+ appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise ... Read More

More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds. The post Krebs on Security: Don’t Let ... Read More